<?
$title = 'Secure Program Area: Login';
include("includes/functions.php");
include("includes/sajax/functionsSajax.php");
include("includes/sajax/sajax.php");

// Check for login
if ($_POST[login] == 1) {
    // Check obvious stuff
    if (empty($_POST[userid]) || empty($_POST[password])) {
		$error = 1;
		$message = "<font color=red>You must enter a User Name and Password.</b></font>";
	}
	if (empty($error)) {
		// Check against dbase
		$sql = "SELECT * from casa_users WHERE Userid = '$_POST[userid]' AND Password = '$_POST[password]'";
		$result = mysql_db_query($dbname,$sql);
		$numRows = mysql_num_rows($result);
		if (empty($numRows)) {
		    $error = 1;
		    $message = "<font color=red><b>Sorry!</b> I can't find your login information. Please try again.</font>";
		}
	}
	if (empty($error)) {
	    // Login and redirect
	    $row = mysql_fetch_assoc($result);
	       
	    $_SESSION['UID']    = $row[UID];
	    $_SESSION['userid'] = $row[Userid];
	    $_SESSION['name']   = $row[NameFirst].' '.$row[NameLast];
	    $_SESSION['userLevel'] = $row[AdminLevel];
	    $_SESSION['programID'] = $row[ProgramID];
	    $_SESSION['logged'] = 1;	
	    
	    header("Location: accountHome.php");
	}
}

// Logout
if ($_GET[logout] == 1) {
	session_start();
	$_SESSION['userid']    = null;
	$_SESSION['logged']    = null;
	$_SESSION['UID']       = null;
	$_SESSION['name']      = null;
	$_SESSION['userLevel'] = null;
	header("Location: login.php");
}
if (empty($login)) {
	$bodyStuff = "onLoad = 'document.loginForm.userid.focus()';";
}

include("includes/header.php"); 
?>	
<center>
<div class="bluBox" style="width: 400px;">
	<b>Please Login</b><br />
	<?
	if (!empty($error)) {
		echo "<div id=\"pageInstructions\">$message</div>\n";
	}
	?>
	<form action="<?=$PHP_SELF; ?>" method="POST" name="loginForm">
	<input type="hidden" name="login" value="1" />
	<table>
	<tr>
		<td>Email Address</td>
		<td><input type="text" name="userid" style="width: 200px;" value="<?=$_POST[userid]; ?>" /></td>
	</tr>
	<tr>
		<td>Password</td>
		<td><input type="password" name="password" style="width: 200px;" /></td>
	</tr>
	<tr>
		<td></td>
		<td><input type="submit" value="Login!" style="margin-right: 20px;" /></td>
	</tr>
	<tr>
		<td></td>
		<td><a href="createAccount.php"><b>Create a new account</b></a></td>
	</tr>
	</table>
	</form>
</div>
</center>
<br />
<? include("includes/footer.php"); ?>		